Re: [PATCHv2] audit: Audit resources used by VirtIO RNG

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Mar 12, 2013 at 04:11:15PM +0100, Peter Krempa wrote:
> This patch adds auditing of resources used by Virtio RNG devices. Only
> resources on the local filesystems are audited properly. For remote
> character device sources "remote" is logged as the path and "none"
> is logged for character device backends that don't have a source.
> 
> The audit logs look like:
> 
> For the 'random' backend:
> type=VIRT_RESOURCE msg=audit(1363099126.643:31): pid=995252 uid=0 auid=4294967295 ses=4294967295 msg='virt=kvm resrc=rng reason=start vm="qcow-test" uuid=118733ed-b658-3e22-a2cb-4fe5cb3ddf79 old-rng="?" new-rng="/dev/random": exe="/home/pipo/libvirt/daemon/.libs/libvirtd" hostname=? addr=? terminal=pts/0 res=success'
> 
> For local character device source:
> type=VIRT_RESOURCE msg=audit(1363100164.240:96): pid=995252 uid=0 auid=4294967295 ses=4294967295 msg='virt=kvm resrc=rng reason=start vm="qcow-test" uuid=118733ed-b658-3e22-a2cb-4fe5cb3ddf79 old-rng="?" new-rng="/tmp/unix.sock": exe="/home/pipo/libvirt/daemon/.libs/libvirtd" hostname=? addr=? terminal=pts/0 res=success'
> 
> For a remote character device source:
> type=VIRT_RESOURCE msg=audit(1363100291.450:127): pid=995252 uid=0 auid=4294967295 ses=4294967295 msg='virt=kvm resrc=rng reason=start vm="qcow-test" uuid=118733ed-b658-3e22-a2cb-4fe5cb3ddf79 old-rng="?" new-rng="remote": exe="/home/pipo/libvirt/daemon/.libs/libvirtd" hostname=? addr=? terminal=pts/0 res=success'
> 
> And for character backends that don't have a source:
> type=VIRT_RESOURCE msg=audit(1363100520.513:158): pid=995252 uid=0 auid=4294967295 ses=4294967295 msg='virt=kvm resrc=rng reason=start vm="qcow-test" uuid=118733ed-b658-3e22-a2cb-4fe5cb3ddf79 old-rng="?" new-rng="none": exe="/home/pipo/libvirt/daemon/.libs/libvirtd" hostname=? addr=? terminal=pts/0 res=success'

For devices which don't touch any local resource, we should simply not emit any
audit record at all. So these last two examples should simply not exist.

> diff --git a/src/conf/domain_audit.c b/src/conf/domain_audit.c
> index 8cd522a..0f2cf4f 100644
> --- a/src/conf/domain_audit.c
> +++ b/src/conf/domain_audit.c
> @@ -57,6 +57,37 @@ virDomainAuditGetRdev(const char *path ATTRIBUTE_UNUSED)
>  }
>  #endif
> 
> +static const char *
> +virDomainAuditChardev(virDomainChrSourceDefPtr chr)
> +{
> +    if (!chr)
> +        return "?";
> +
> +    switch ((enum virDomainChrType) chr->type) {
> +    case VIR_DOMAIN_CHR_TYPE_PTY:
> +    case VIR_DOMAIN_CHR_TYPE_DEV:
> +    case VIR_DOMAIN_CHR_TYPE_FILE:
> +    case VIR_DOMAIN_CHR_TYPE_PIPE:
> +        return chr->data.file.path;
> +
> +    case VIR_DOMAIN_CHR_TYPE_UNIX:
> +        return chr->data.nix.path;
> +
> +    case VIR_DOMAIN_CHR_TYPE_TCP:
> +    case VIR_DOMAIN_CHR_TYPE_UDP:
> +        return "remote";

So return NULL here

> +
> +    case VIR_DOMAIN_CHR_TYPE_NULL:
> +    case VIR_DOMAIN_CHR_TYPE_VC:
> +    case VIR_DOMAIN_CHR_TYPE_STDIO:
> +    case VIR_DOMAIN_CHR_TYPE_SPICEVMC:
> +    case VIR_DOMAIN_CHR_TYPE_LAST:
> +        return "none";

and return NULL here

> +    }
> +
> +    return "?";
> +}
> +
>  void
>  virDomainAuditDisk(virDomainObjPtr vm,
>                     const char *oldDef, const char *newDef,
> @@ -100,6 +131,89 @@ cleanup:
>  }
> 
> 
> +static void
> +virDomainAuditRNG(virDomainObjPtr vm,
> +                  virDomainRNGDefPtr newDef, virDomainRNGDefPtr oldDef,
> +                  const char *reason, bool success)
> +{
> +    char uuidstr[VIR_UUID_STRING_BUFLEN];
> +    char *vmname;
> +    const char *newsrcpath = NULL;
> +    const char *oldsrcpath = NULL;
> +    char *oldsrc = NULL;
> +    char *newsrc = NULL;
> +    const char *virt;
> +
> +    virUUIDFormat(vm->def->uuid, uuidstr);
> +    if (!(vmname = virAuditEncode("vm", vm->def->name)))
> +        goto no_memory;
> +
> +    if (!(virt = virDomainVirtTypeToString(vm->def->virtType))) {
> +        VIR_WARN("Unexpected virt type %d while encoding audit message",
> +                 vm->def->virtType);
> +        virt = "?";
> +    }
> +
> +    if (newDef) {
> +        switch ((enum virDomainRNGBackend) newDef->backend) {
> +        case VIR_DOMAIN_RNG_BACKEND_RANDOM:
> +            if (newDef->source.file)
> +                newsrcpath = newDef->source.file;
> +            else
> +                newsrcpath = "/dev/random";
> +            break;
> +
> +        case VIR_DOMAIN_RNG_BACKEND_EGD:
> +            newsrcpath = virDomainAuditChardev(newDef->source.chardev);
> +            break;
> +
> +        case VIR_DOMAIN_RNG_BACKEND_LAST:
> +            break;
> +        }
> +    }
> +
> +    if (!(newsrc = virAuditEncode("new-rng", VIR_AUDIT_STR(newsrcpath))))
> +        goto no_memory;
> +
> +
> +    if (oldDef) {
> +        switch ((enum virDomainRNGBackend) oldDef->backend) {
> +        case VIR_DOMAIN_RNG_BACKEND_RANDOM:
> +            if (oldDef->source.file)
> +                oldsrcpath = oldDef->source.file;
> +            else
> +                oldsrcpath = "/dev/random";
> +            break;
> +
> +        case VIR_DOMAIN_RNG_BACKEND_EGD:
> +            oldsrcpath = virDomainAuditChardev(oldDef->source.chardev);
> +            break;
> +
> +        case VIR_DOMAIN_RNG_BACKEND_LAST:
> +            break;
> +        }
> +    }

And if both newsrcpath and oldsrcpath are NULL at this point, then jump
to the cleanup label

> +
> +    if (!(oldsrc = virAuditEncode("old-rng", VIR_AUDIT_STR(oldsrcpath))))
> +        goto no_memory;
> +
> +    VIR_AUDIT(VIR_AUDIT_RECORD_RESOURCE, success,
> +              "virt=%s resrc=rng reason=%s %s uuid=%s %s %s",
> +              virt, reason, vmname, uuidstr,
> +              oldsrc, newsrc);
> +
> +cleanup:
> +    VIR_FREE(vmname);
> +    VIR_FREE(oldsrc);
> +    VIR_FREE(newsrc);
> +    return;
> +
> +no_memory:
> +    VIR_WARN("OOM while encoding audit message");
> +    goto cleanup;
> +}
> +
> +
>  void
>  virDomainAuditFS(virDomainObjPtr vm,
>                   virDomainFSDefPtr oldDef, virDomainFSDefPtr newDef,
> @@ -641,6 +755,9 @@ virDomainAuditStart(virDomainObjPtr vm, const char *reason, bool success)
>          virDomainAuditRedirdev(vm, redirdev, "start", true);
>      }
> 
> +    if (vm->def->rng)
> +        virDomainAuditRNG(vm, vm->def->rng, NULL, "start", true);
> +
>      virDomainAuditMemory(vm, 0, vm->def->mem.cur_balloon, "start", true);
>      virDomainAuditVcpu(vm, 0, vm->def->vcpus, "start", true);


Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list


[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]